Document authentication using extracted digital fingerprints

ABSTRACT

Methods and systems for detecting changes, alterations and forgeries in documents utilize digital fingerprinting. A set of documents of a given type that are known to be altered or forgeries are scanned and “fingerprinted” to build a forgery database. Suspect documents are scanned and the resulting fingerprint data is used to query the forgery database to look for matching records, although a match need not be exact. Matches may be counted and compared to a threshold number to assess a confidence that a document is forged or not. The fingerprinting may be directed to at least one authentication region of a document, and one or more features in a region may be incorporated into a fingerprint of the document.

RELATED APPLICATIONS

This application is a divisional application of U.S. application Ser.No. 14/531,307, filed Nov. 3, 2014 (attorney docket 29094-0411), whichis a non-provisional of, and claims priority pursuant to 35 USC §119(e)to, U.S. provisional application no. 61/898,780 filed Nov. 1, 2013, andto U.S. provisional application No. 61/914,722 filed Dec. 11, 2013. Theparent application Ser. No. 14/531,307 is also a continuation of pendingU.S. application Ser. No. 14/290,653 filed May 29, 2014, which is acontinuation of U.S. application Ser. No. 13/410,753 filed Mar. 2, 2012(now U.S. Pat. No. 8,774,455) which claims benefit of 61/448,465 filedon Mar. 2, 2011. The parent application Ser. No. 14/531,307 is also acontinuation of pending U.S. application Ser. No. 13/618,362 filed onSep. 14, 2012 which claims benefit of 61/535,084 filed Sep. 15, 2011.All of the aforementioned applications are hereby incorporated byreference as though fully set forth.

Copyright ©2011-2016 RAF Technology, Inc. A portion of the disclosure ofthis patent document contains material which is subject to copyrightprotection. The copyright owner has no objection to the facsimilereproduction by anyone of the patent document or the patent disclosure,as it appears in the Patent and Trademark Office patent file or records,but otherwise reserves all copyright rights whatsoever. 37 CFR §1.71(d).

BACKGROUND

Counterfeiting of manufactured goods is a worldwide problem, with recentstudies estimating that 8% of the world's total GDP is now generated bythe manufacturing and sales of counterfeit products. Many classes ofcounterfeit goods create substantial risks to public health includingcounterfeit pharmaceutical drugs, auto parts, pesticides, and children'stoys. In addition, counterfeit computer chips, aerospace parts, andidentification documents present significant risks to national security.

Authentication alone is not enough to stop counterfeiting.Counterfeiters use a variety of strategies, including divertingunfinished products from factories that make authentic goods and thenadding their own counterfeit brand identifiers such as labels and tags.Counterfeit items can enter the supply chain at any point, including atthe original manufacturing facility, at the shipper, in distribution, orin retail stores. Unless the manufacturer or supplier can identifyexactly where and when the item entered the supply chain, identifyingand eliminating the counterfeit goods can be almost impossible.

Many different approaches have been tried to uniquely identify andauthenticate objects, including labeling and tagging strategies usingserial numbers, bar codes, holographic labels, RFID tags, and hiddenpatterns using security inks or special fibers. All of these methods canbe duplicated, and many add a substantial extra cost to the productionof the goods sought to be protected. Physical labels and tags can alsobe easily lost, modified, or stolen.

SUMMARY OF THE DISCLOSURE

The following is a summary of the present disclosure in order to providea basic understanding of some features and context. This summary is notintended to identify key/critical elements of the invention or todelineate the scope of the invention. Its sole purpose is to presentsome concepts of the present disclosure in a simplified form as aprelude to the more detailed description that is presented later.

In an embodiment, individual objects are scanned and a unique digitalsignature is generated by a digital fingerprinting method that utilizesthe object's natural structure or features. The object is registered inthe system database. Once the object is registered, the DigitalFingerprinting Track and Trace System can track the location of anyobject as it passes through a supply chain, distribution network, orsales channel. The system maintains a database record for each uniqueobject, and can store any relevant data related to the object over thecourse of its lifetime. The system can be queried, generate reports, andanalyze data on individual objects or on sets of objects. Applicationsof the system include but are not limited to object authentication,determining the provenance of an object, creating audit trails, andidentifying where counterfeit goods are entering manufacturing,distribution or sales networks.

In other applications, an original digital fingerprint can be comparedto a subsequent digital fingerprint of an object to establish that theobject is the original, without regard to its history of locations orpossession since the original digital fingerprint was acquired andstored.

Another aspect of this disclosure relates to detecting a counterfeit orforged object, for example a document such as a drivers license orpassport. In this case, there may be no “original” or source objectdigital fingerprint for comparison. Rather, “fingerprints” of knownindicia of counterfeit or forged objects can be acquired and stored. Forexample, a large number of bogus New York State driver's licenses mightbe obtained by law enforcement officials in a raid or the like. Digitalimages of those forged documents can be acquired, and analyzed to formdigital fingerprints, as described in more detail below.

In an embodiment, “Forgery feature vectors” can be collected and storedin a database, for example, sharp, non-bleeding edges where a photographhas been replaced or torn paper fibers where an erasure occurred. Thesefingerprints can be searched and compared to detect a forged document. Acount of “fraud indicator matches” can be compared to an empiricalthreshold to determine a confidence that a document is forged (or not).Additional aspects and advantages of this invention will be apparentfrom the following detailed description of preferred embodiments, whichproceeds with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to describe the manner in which the above-recited and otheradvantages and features of the disclosure can be obtained, a moreparticular description follows by reference to the specific embodimentsthereof which are illustrated in the appended drawings.

Understanding that these drawings depict only typical embodiments of theinvention and are not therefore to be considered to be limiting of itsscope, the invention will be described and explained with additionalspecificity and detail through the use of the accompanying drawings inwhich:

FIG. 1A is a simplified flow diagram illustrating a method for creatinga storing a digital fingerprint of an object in a database.

FIG. 1B illustrates a process that includes more robust featureextraction.

FIG. 2 is a simplified flow diagram illustrating a method for matching adigital fingerprint of a target object to a database of existing digitalfingerprints.

FIG. 3 is a simplified conceptual diagram showing scanning of an objectat various times and places along a manufacture and distribution chain.

FIG. 4 is a simplified conceptual diagram illustrating use of a mobiledevice application to query authentication information related to anobject.

FIG. 5 is a simplified flow diagram illustrating a method for trackingan object to verify its provenance.

FIG. 6 illustrates an example of authentication region and objectfeature definition for a U.S. passport.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

In this application, we use the term “scan” in a broad sense. We referto any means for capturing an image or set of images, which may be indigital form or transformed into digital form. The images may be twodimensional, three dimensional, or be in the form of a video. Thus a“scan” may refer to an image (or digital data that defines an image)captured by a scanner, a camera, a specially-adapted sensor array suchas CCD array, a microscope, a smart phone camera, a video camera, anx-ray machine, etc. Broadly, any device that can sense and captureelectromagnetic radiation that has traveled through an object, orreflected off of an object, is a candidate to create a “scan” of theobject. Various means to extract “fingerprints” or features from anobject may be used; for example, through sound, physical structure,chemical composition, or many others. The remainder of this applicationwill use terms like “image” but when doing so, the broader uses of thistechnology should be implied. In other words, alternative means toextract “fingerprints” or features from an object should be consideredequivalents within the scope of this disclosure.

Authentication Regions

Because digital fingerprinting works with many different types ofobjects, it is necessary to define what parts of the digital images ofthe objects are to be used for the extraction of features forauthentication purposes. This can vary widely for different classes ofobjects. In some cases it is the image of the entire object; in othercases it will be a specific sub-region of the image of the object. Forinstance, for a photograph we may want to use the digital image of theentire photograph for feature extraction. Each photograph is different,and there may be unique feature information anywhere in the photograph.So in this case, the authentication region will be the entirephotograph.

Multiple regions may be used for fingerprints for several reasons, twoof which are particularly important. It may be that there are severalregions where significant variations take place among different similarobjects that need to be distinguished while, in the same objects, theremay be regions of little significance. In that case a template may beused (see below) primarily to eliminate regions of little interest.

A bank note, for example, can be authenticated if a few small arbitraryregions scattered across the surface are fingerprinted, along withrecognizing the contents of a region telling the value of the bank noteand one containing the bank note's serial number. In such a case thefingerprints of any region (along with sufficient additional informationto determine the bank note's value and its purported identity) may besufficient to establish the authenticity of the bill and multiplefingerprinted regions are used solely in the event that one or moreregions may be absent (through, for example, tearing) when the bill islater presented for authentication. Sometimes, however, all regions ofan item must be authenticated to ensure the item is both authentic andhas not been altered.

A passport provides an example of feature extraction from anauthentication region; see FIG. 6. On a passport, the features that wemay want to use for authentication may be extracted from regionscontaining such specific identification information as the passportnumber, recipient name, and recipient photo, as illustrated in FIG. 6.In that case one may define a feature template specifying those regionswhose alteration from the original would invalidate the passport, suchregions including the passport holder's photo and unique personal data.

The ability to define and store the optimal authentication region for agiven class of objects offers significant benefits to the user, althoughit is not mandatory. In many cases it is much easier to scan a limitedregion of an object than the entire object. For instance, in the case ofan article of designer clothing, it is much easier to take a picture ofthe manufacturer's label than it is to take a picture of the entiregarment. Further, defining such regions enable the detection of partialalteration of the object.

Once an authentication region is defined, specific applications can becreated for different markets and classes of objects that can assist theuser in locating and scanning the optimal authentication region. Forinstance, an appropriately sized location box and crosshairs canautomatically appear in the viewfinder of a smartphone cameraapplication to help the user center the camera on the authenticationregion, and automatically lock onto the region and take the picture whenthe camera is focused on the correct area. It should be noted that whilesome examples discussed above are essentially two-dimensional objects(passport, bank note); the present disclosure is fully applicable tothree-dimensional objects as well. Scanning or image capture may be 2-D,3-D, stereoscopic, HD etc. Image capture is not limited to the use ofvisible light.

In many cases, objects may have permanent labels or other identifyinginformation attached to them. These can also be used as features fordigital fingerprinting. For instance, wine may be put into a glassbottle and a label affixed to the bottle. Since it is possible for alabel to be removed and reused, simply using the label itself as theauthentication region is often not sufficient. In this case we maydefine the authentication region to include both the label and thesubstrate it is attached to—in this case some portion of the glassbottle. This “label and substrate” approach may be useful in definingauthentication regions for many types of objects, such as consumer goodsand pharmaceutical packaging. If a label has been moved from itsoriginal position, this can be an indication of tampering orcounterfeiting. If the object has “tamper-proof” packaging, this mayalso be useful to include in the authentication region.

In some cases, we will want to use multiple authentication regions toextract unique features. For a firearm, for example, we might extractfeatures from two different parts of the weapon. It is, of course,important that both match the original but since the two parts may bothhave been taken from the original weapon and affixed to a weapon ofsubstandard quality, it may also be important to determine whether theirrelative positions have changed as well. In other words it may benecessary to determine that the distance (or other characteristic)between Part A′s authentication region and Part B′s authenticationregion is effectively unchanged, and only if that is accomplished canthe weapon be authenticated. Specifications of this type can be storedwith or as part of a digital fingerprint of the firearm.

Once a suitable digital fingerprint of an object is acquired, the object(actually some description of it) and corresponding fingerprint may bestored or “registered” in a database. For example, in some embodiments,the fingerprint may comprise one or more feature vectors. The databaseshould be secure. In some embodiments, a unique ID also may be assignedto an object. An ID may be a convenient index in some applications.However, it is not essential, as a digital fingerprint itself can serveas a key for searching a database. In other words, by identifying anobject by the unique features and characteristics of the object itself,arbitrary identifiers, labels, tags, etc. are unnecessary and, as noted,inherently unreliable.

FIG. 1 is a simplified flow diagram illustrating a method 100 forcreating and storing or “registering” a digital fingerprint of an objectin a database. The process in one embodiment includes acquiring adigital image of the object, block 102, as discussed above. A variety ofimage capture technologies and devices may be used as noted. Next,features are extracted, block 104, from the digital image data. Asexplained, specific features or regions of interest (authenticationregions) may be selected in support of subsequent identification orauthentication of the object. The extracted features are analyzed andfeature vectors are extracted to form a digital fingerprint—a digitalfile or record associated with the original image data, indicated atblock 106. The digital fingerprint preferably may be stored in adatabase record. Other forms of searchable digital data storage shouldbe deemed equivalents. Further, at block 110, initialization data shouldbe added to the database record, or associated with it in a relatedtable. This data is associated with the physical object that wasscanned. For example, a description, manufacturer, model number, serialnumber, contents—a wide variety of data, selected as appropriate oruseful depending on the type of object.

FIG. 1B illustrates a process that includes more robust featureextraction. In this example, we again begin with acquiring digital imagedata, block 120. We select at least one authentication region, block122. This may be done by analysis of the image data, analysis of relatedimage data, by reference to a predetermined template that defines atleast one authentication region, or other means. The next block 124calls for extracting a feature vector from the selected authenticationregion. A feature vector may be used to represent features of a regionin a more compact form. For example, a feature vector may comprise anarray of color or gray scale numeric values corresponding to areaswithin the selected authentication region. The values may each comprisea sum, average, maximum or other function of the individual values of acorresponding group of pixels forming a sub-part of the region. In someapplications, a feature vector may identify a location and shape of adistinctive aspect within a selected region. In decision 126, there maybe additional feature vectors to be extracted from the same image data.In that case, the flow returns, path 130, to repeat the featureextraction step 124. This loop 130 may repeat until all desired featurevectors are collected. Optionally, there may be another authenticationregion to process in the same image data, see decision 132. In thatcase, the outer loop 133 is traversed back to block 122 for furtherfeature extraction with respect to one or more additional authenticationregions. Then some or all of the extracted feature vectors may becombined to form a digital fingerprint, block 134, which is then stored,block 136, along with related data, block 138, as mentioned above. Theprocess returns or concludes at block 140.

A database of digital fingerprints can form the basis of a system totrack and trace the object through a supply chain, distribution network,or sales channel. A track and trace system based on digitalfingerprinting has unique advantages and provides unique capabilitiesthat are not available with track and trace systems based on traditionalmethods.

Holograms, bar codes and serial numbers can all be duplicated withvarying degrees of effort. This means that if the code or tag can beduplicated, then counterfeit objects or two objects with the sameidentifier can exist in the supply chain or distribution network. Theycan then be registered in a traditional track and trace system. All suchsystems rely on determining that the anti-counterfeit item (label,hologram, RFID tag) is legitimate, not that the item itself is.

Due to this weakness, track and trace systems based on traditionalapproaches like bar codes or serial numbers cannot prevent the resultingcorruption of the system database. A counterfeit object may bemistakenly identified as genuine, and generate a false audit trail as itis tracked through the supply chain. Two or more objects with the sameID (one genuine, one or more counterfeit) may exist at the same time.Without physically examining the objects it is impossible to tell whichitem is genuine. Once identification is made as to which object isgenuine, the false trails must be removed from the database to restoreintegrity. This can be extremely difficult depending on the structure ofthe database and the complexity of the tracking data. In some cases theobjects may not have any further contact with the track and trace system(for instance if they are purchased by a consumer), and the record willnever be identified as false, leaving the database permanentlycorrupted.

In one embodiment of the Digital Fingerprinting Track and Trace System,an item may be scanned and identified at initial manufacture.Alternatively, an item may be scanned and identified at any subsequenttime or location for entry into a tracking system. This point ofidentification preferably is done when the item is either in thepossession of its manufacturer or has been transferred by secure meansto the current holder so that its legitimacy at the point ofidentification is adequately established.

The system then identifies the object every time it is scanned again,typically at discrete steps in manufacturing, distribution, and sale.FIG. 2 is a simplified flow diagram illustrating a method 200 formatching a digital fingerprint of a target object to a database ofexisting digital fingerprints. Here, we acquire image data of a “targetobject” i.e., the object we want to identify or authenticate by findinga match in the database, see block 202. We extract features from thetarget object image data, block 204, as discussed above. Then we createa new (second) digital fingerprint based on the extracted features,block 206. The next step is querying the database, block 208, for arecord that matches the second digital fingerprint record. “Matching” inthis context may be relative to a threshold confidence level rather thana binary decision. The requisite confidence level may vary depending onthe specific application. The confidence level required may be varieddynamically responsive to the data and experience with a given system.If no “matching” record is returned, decision 210, update the secondrecord (the digital fingerprint of the target object), block 212, toreflect that no match was found. If a match is returned, the matchingrecord is updated to reflect the match, for example, it may be linked tothe second record. The results may be returned to the user.

Typical tracking steps might include scanning at the point ofmanufacture, when packaged, when placed in inventory, when shipped, andat a retail point of purchase (upon arrival and again when sold), asillustrated in the tracking process 300 of FIG. 3. Each scan can be usedto update a remote database.

As mentioned earlier, a “scan” may refer to an image (or digital datathat defines an image) captured by a scanner, a camera, aspecially-adapted sensor array such as CCD array, a microscope, a smartphone camera, a video camera, an x-ray machine, etc. Broadly, any devicethat can sense and capture electromagnetic radiation that has traveledthrough an object, or reflected off of an object, is a candidate tocreate a “scan” of the object. It is critical to capture at least onenative feature of the object, as distinguished from a feature added tothe object for identification, such as a label, bar code, RFID tag,serial number, etc.

A “native feature” in this description is not concerned with reading orrecognizing meaningful content. For example, a label on a scanned objectwith a printed serial number may give rise to various features infingerprint processing, some of which may become part of a digitalfingerprint feature set or vector that is associated with the object.The features may refer to light and dark areas, locations, spacing, inkblobs, etc. This information may refer to the printed serial number onthe label, but there is no effort to actually “read” or recognize theprinted serial number (which may be bogus). Similarly, an RFID tagapplied to an object may give rise to a fingerprint vector responsive toits appearance and location on the object. However, no effort is made toactually stimulate or “read” data or signals from the tag.

While the most common application of track and trace systems is inmanufactured goods, the present system and methods, in various differentembodiments, may be applied to any object that can be identified with adigital fingerprint and tracked. These include but are not limited tomail pieces, parcels, art, coins, currency, precious metals, gems,jewelry, apparel, mechanical parts, consumer goods, integrated circuits,firearms, pharmaceuticals and food and beverages. Tracking may consistof any sequence of actions where the object is scanned, such as eachtime an object is appraised, authenticated, certified, auctioned,displayed, or loaned. The system may store both positive and negativeauthentication transactions. In an embodiment, the system may storelocation information (associated with a scan or fingerprint), whichprovides a profile of where counterfeit goods may be encountered.

FIG. 4 is a simplified conceptual diagram illustrating use of a mobiledevice application to query authentication information related to anobject. Here, various computing devices or terminals 402 may have accessover a network, for example, the Internet 404, to cloud computingfacilities/services such as a cloud server/datastore 406. For example,the devices 402 may be located at various points along a distributionchain as illustrated in FIG. 3, each location scanning an object andupdating the cloud server/datastore 406.

A server 412 may be provisioned to provide tracking and/or tracing dataanalysis and reporting. The server 412 has access to a datastore 420which may be used to store digital fingerprints and related data. Theserver can query or search the database 420 for digital fingerprintsearch and matching. The database 420 preferably is coupled to the cloudserver 406 in some embodiments. A mobile user device 410 such as asmartphone, tablet, laptop computer or dedicated device may beconfigured for communications with the server 412 to request and receivea reply or authentication report for an object of interest. Thisarchitecture is simplified and in any event is merely illustrative andnot intended to be limiting.

Continuous and Discrete Tracking

In some implementations, sensors may be attached to the object, andsensor data can flow back to the database in either a continuous fashion(near real time), or in discrete data transfer events. For example, datatransfer may occur when an authentication event occurs. For instance, ifthere is a GPS chip attached to the object, data flow can start when theobject is first registered in the system, and continue to flow as theobject changes location. Continuous (frequent) data updates can also bebuffered in local memory in a sensor attached to the item, and thendownloaded the next time the object is scanned and authenticated. Thisprovides a record of where the object has traveled (its itinerary).

As an example of the potential uses of sensor data, many products likefood and beverages can degrade with exposure to certain environmentalfactors over the course of their storage and shipment. Examples ofsensor data could include temperature, light exposure, altitude, oxygenlevel, or other factors, as well as location such as GPS data.

FIG. 5 is a simplified flow diagram illustrating one embodiment of aprocess 500 for tracking an object to verify its provenance. Here, anexpected itinerary of an object (a series of locations) may be stored ina datastore if known, block 502. The methods and systems described abovemay be used to track the object to the next location, block 504. If theobject does not arrive as expected (where and when expected according tothe itinerary), the failure may be reported to a user. In an embodiment,an object that arrives later than expected may be subjected to closermatching scrutiny to ensure its identity.

The next step, block 510, is to query the database for the next valid orexpected location. A unique itinerary may not be known, but a set ofvalid or expected locations may be known. The next actual location ofthe object (as determined by imaging and matching digital fingerprints)may be compared to the expected location(s) returned by the database,block 512. If that comparison indicates a departure from the expected orauthorized route, decision 520, the result may be reported to a user,block 522. (A report that the object is on track may be reported aswell.) Other options may be implemented such as a quantity check, block524. The process returns or terminates at block 526.

Most existing track and trace systems are only designed to be accessedby manufacturers or their authorized distributors, and often requirespecialized scanners or equipment. However, the consumer also has avested interest in determining whether the items that they are buyingare authentic. In some embodiments, the present system is designed toenable anyone along the supply, distribution, or sales chain, frommanufacturer to the retail consumer, to access the system and determinewhether the item is authentic. A specialized scanner is not required inall cases. For example, in one embodiment a mobile phone applicationdesigned for the consumer can be used to scan an object, query thedatabase, and determine if the object is authentic.

Finally, data collected by a digital fingerprinting system offers avariety of useful information to people along the supply, distributionand sales chain. Reports can be generated on individual items, or onsets of items. These reports can include but are not limited to thelocations of items over time, audit trails, points of entry ofcounterfeit goods, and exposure to environmental variables over thecourse of an object's useful lifetime.

Tags and Bar Codes

A tag may be added to an item, a barcode to a mail piece, etc. for tworeasons. First, the human may need it to know what the item is. This isthe identification function. It may identify the item to a store clerkas a particular style and size of clothing of a particular manufacturer;it may tell a postal carrier where to deliver a mail piece. Second,however, are tags that are only useful for a machine. Thus a four-statebar code on a mail piece (unreadable by humans) is used to route themail piece by machine. This entire class of machine readable tags can bereplaced by the methods of this patent. The first set may still beneeded for human use but are now divorced from their authenticationfunction.

Because we are exploiting natural features and often scanning the objectunder variable conditions, it is highly unlikely that two different“reads” will produce the exact same fingerprint. We therefore have tointroduce the ability to look up items in the database when there is anear-miss. For example, two feature vectors [0, 1, 5, 5, 6, 8] and [0,1, 6, 5, 6, 8] are not identical but (given the proper differencemetric) may be close enough to say with certainty that they are from thesame item that has been seen before. This is particularly true if,otherwise, the nearest feature vector of a different item is [5, 2, 5,8, 6, 4]. For example, a distance between vectors of n-dimensions iseasily calculated, and may be used as one metric of similarity or“closeness of match” between the vectors. One may also consider thedistance to the next nearest candidate.

Obviating the Chain of Custody

Many systems rely on a known “chain of custody” to verify authenticityof an object. The rules of evidence in court, for example, typicallyrequire proof of a chain of custody to demonstrate authenticity of ahair sample, weapon or other piece of physical evidence. From the timean object is collected at a crime scene, for example, it is typicallybagged, tagged, and moved into a locked box or evidence room forsafekeeping. Each person who removes it must attest to returning theoriginal item unchanged. Custody of the object from the crime scene tothe evidence locker to the courtroom must be accounted for as anunbroken chain. Digital fingerprinting techniques as disclosed hereincan be used to obviate most of that process. Provided an original objectis under the control and custody of an authorized or trusted entity atleast once, and a digital fingerprint, or an image suitable for forminga digital fingerprint of the object, is acquired under suchcircumstances, and stored, the object is uniquely identifiablethereafter by that fingerprint for the lifetime of the object.

Because digital fingerprinting works by extracting key features of anobject, it may be used to identify or authenticate objects even after agood deal of wear and tear. At any subsequent time, a suspect or“target” object can be similarly “fingerprinted” and the subsequentfingerprint compared to the stored fingerprint of the original object.If they match, authenticity is established, regardless of where or inwhose custody the object may have traveled in the meantime. Returning tothe crime scene example, if a digital fingerprint is acquired of aweapon taken from the crime scene, and the digital fingerprint stored,the weapon can be fingerprinted again at any subsequent time, and thedigital fingerprints compared to authenticate to weapon. Custody of theweapon in the interim is no longer an issue. Likewise when a coin orpiece of art is stolen our technology gives us the ability to continuethe original provenance even though chain of custody has been lost (i.e.we know it is the same coin we saw before even though it has not been inour direct possession during the time between theft and recovery).

Global vs. Regional Feature Matching

In a case where we have the original document or other objectfingerprinted, our techniques allow region-by-region matching so that wecan tell what (if any) regions have been changed. Thus, for example, wemight get a really good overall match on a passport but none of thematches happen in the photograph—so we know the photograph probably waschanged. Further, if some individual or group, say Al Qaeda, has acertain pattern or regularity to altering passports—change the photo,the date of birth and one digit of the passport number, say—then thisability to find altered regions also gives us the ability to discern thepattern of changes and thus develop a signature of the group making thechanges. Thus aspects of the present technology can be applied not onlyto detect a forged or altered document, but to identify in some casesthe source of the bogus document.

It will be obvious to those having skill in the art that many changesmay be made to the details of the above-described embodiments withoutdeparting from the underlying principles of the invention. The scope ofthe present invention should, therefore, be determined only by thefollowing claims.

1. A method comprising: acquiring digital image data of an image of atleast a selected authentication region of a document, wherein thedocument has been forged or altered at least in the authenticationregion from its original state; extracting at least one feature from theacquired image data from the authentication region; combining theextracted features to form a digital fingerprint of the forged document;designating the digital fingerprint as tending to evidence a forgery oralteration; storing the designated digital fingerprint in a databaserecord for use in detecting forged or altered documents; and repeatingthe foregoing steps over additional documents that have been forged oraltered so as to build a forgery database comprising multiple digitalfingerprint records for use in detecting forged or altered documents. 2.The method of claim 1 including: forming a feature vector to representmultiple features of the selected authentication region in a compactform; and storing the feature vector as part of the digital fingerprintin the forgery database record.
 3. The method of claim 2 wherein thefeature vector comprises an array of color or gray scale numeric valuescorresponding to a sub-region within the selected authentication region.4. The method of claim 3 wherein the numeric values in the array eachcomprise a mathematical function combining individual values of acorresponding group of pixels forming the sub-region of theauthentication region.
 5. The method of claim 4 wherein the mathematicalfunction is selected from a set of functions that includes a sum,maximum, and average of the individual values.
 6. The method of claim 4wherein extracting the feature information includes selecting theauthentication region based on a predetermined template that defines atleast one authentication region for a class of documents to which theforged documents belong.
 7. The method of claim 4 wherein at least oneof the digital fingerprints in the forgery database corresponds to aforged or altered document that comprises a numismatic object.
 8. Themethod of claim 4 wherein at least one of the digital fingerprints inthe forgery database corresponds to a government-issued identificationdocument.
 9. The method of claim 8 wherein the government-issuedidentification document corresponds to a passport.
 10. The method ofclaim 4 wherein at least one of the digital fingerprints in the forgerydatabase corresponds to a negotiable instrument as defined in theUniform Commercial Code.
 11. The method of claim 4 wherein at least oneof the digital fingerprints in the forgery database corresponds to abill of lading or shipping document.
 12. The method of claim 6 whereinat least one of the digital fingerprints in the forgery databasecorresponds to an original work of art.
 13. The method of claim 1 andfurther comprising: acquiring digital image data of a portion of asuspect document, wherein the portion of the suspect documentcorresponds to the authentication region used to build the forgerydatabase; extracting features from the portion of the suspect documentto form a digital fingerprint of the portion of the suspect document;comparing the digital fingerprint of the portion of the suspect documentto the digital fingerprint records in the forgery database; and based onthe comparison, reporting a potential forgery or alteration associatedwith the suspect document.
 14. The method of claim 13 wherein saidcomparing step includes querying the database to find digitalfingerprint records that match the digital fingerprint of the portion ofthe suspect document, each matching record defining a fraud indicatormatch; and further comprising: counting a number of the fraud indicatormatches; comparing the number to a predetermined threshold value todetermine a confidence that the suspect document is forged; andgenerating a report of the determined forgery confidence based on thecomparison.
 15. The method of claim 13 including acquiring digital imagedata of multiple different regions of a document; processing theacquired digital image data by extracting features from the multipledifferent regions; including the multiple extracted features in adigital fingerprint; and comparing the digital fingerprint to thedigital fingerprint records in the forgery database by conductingregion-by-region matching to detect what (if any) regions have beenchanged.
 16. A document forgery detection system comprising: a forgerydatabase operatively coupled to a computer server, the forgery databasecomprising multiple digital fingerprint records based on forged oraltered documents of a given document type; and stored instructionsexecutable in the computer server to cause the server to— access adigital image of a suspect document of the given type; select anauthentication region of the digital image based on the document type;extract a feature from the selected authentication region; query thedatabase to find digital fingerprint records that match theauthentication region and extracted feature data pair; count a number ofthe matching records; compare the count to a predetermined threshold todetermine a confidence level that the suspect document is forged; andbased on the comparison, generate a report of the confidence level forthe suspect document.
 17. The system of claim 16 wherein: the forgerydatabase comprises digital fingerprint records at least some of whichinclude plural features from a single authentication region; and thestored instructions cause the server to— select a first authenticationregion based on the document type; extract a first feature from thefirst authentication region; query the database to find digitalfingerprint records that match the first authentication region and firstfeature data pair; repeating the extracting and querying steps to findmatches for at least a second extracted feature in the firstauthentication region; and include a count of all matching records inthe determination of the confidence level.
 18. The system of claim 16wherein: the forgery database comprises digital fingerprint records thatinclude at least one corresponding feature from each one of multipleauthentication regions; and the stored instructions cause the server to—select a first authentication region based on the document type; extracta first feature from the first authentication region; query the databaseto find digital fingerprint records that match the first authenticationregion and first feature data pair; select a second authenticationregion based on the document type; extract a second feature from thesecond authentication region; query the database to find digitalfingerprint records that match the second authentication region andsecond feature data pair; and include a count of all matching records inthe determination of the confidence level.
 19. The system of claim 16wherein the fingerprint records in the forgery database include recordsthat identify at least a pair of authentication regions and a knowndistance between them; and the stored instructions executable in thecomputer server further cause the server to— analyze the digital imageto form a digital fingerprint of the suspect document comprisingfeatures corresponding to the pair of authentication regions; determinea distance between the pair of authentication regions on the suspectdocument; compare the determined distance to the known distance; andinclude a result of the comparison in the determination of theconfidence that the suspect document is forged.
 20. The system of claim16 wherein the document type is one of a negotiable instrument asdefined in the Uniform Commercial Code, a bill of lading or shippingdocument, an original work of art, a label on a bottle of wine.
 21. Thesystem of claim 16 wherein selecting the authentication region is basedon a predetermined template accessible to the processor that defines atleast one authentication region for a class of documents to which theforged documents belong.
 22. The system of claim 16 wherein thefingerprint records in the database include data that identifies asource of the corresponding forged or altered document; and the storedinstructions executable in the computer server further cause the serverto generate or include in a report an indication of the source of thematching records, to help identify a person or entity that may haveforged or altered the document.